• Home
  • AWS WAF vs. Prisma Cloud by Palo Alto Networks

AWS WAF vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo
AWS WAF
Read 52 AWS WAF reviews
17,303 views|13,553 comparisons
82% willing to recommend
Palo Alto Networks Logo
Prisma Cloud by Palo Alto Networks
Read 82 Prisma Cloud by Palo Alto Networks reviews
3,623 views|1,989 comparisons
97% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS WAF vs. Prisma Cloud by Palo Alto Networks
March 2024
Executive Summary
Updated on Mar 13, 2024

Prisma Cloud and AWS WAF offer competitive pricing and effective security measures, with Prisma Cloud focusing on multi-cloud visibility and automation, while AWS WAF is highlighted for its web protection capabilities and seamless integration with other AWS services. Prisma Cloud users value the ease of use and advanced threat detection, while AWS WAF users appreciate the customization options and real-time monitoring features.

  • Features: Prisma Cloud by Palo Alto Networks shines with its comprehensive security capabilities, advanced threat detection, and automated compliance assessment. In comparison, AWS WAF stands out for its effectiveness in protecting against web threats, ease of setting up access control rules, and seamless integration with other AWS services.
  • Pricing and ROI: The setup cost for Prisma Cloud is competitive and reasonable, offering good value with easy deployment. In comparison, AWS WAF has relatively low setup costs and fair licensing fees. Both provide scalability for different organizations. Prisma Cloud offers significant cost savings and increased security measures, reducing risks and improving compliance. AWS WAF focuses on protecting web applications and customizing rules to prevent cyber threats.
  • Room for Improvement: Prisma Cloud users suggest improving the UI, integrations, documentation, training resources, and alerting/reporting. AWS WAF users seek easier setup, user-friendly documentation, and more customization.
  • Deployment and customer support: Prisma Cloud users had varying feedback on deployment and setup duration. Some experienced longer deployment and shorter setup, while others had the reverse. AWS WAF users also had mixed feedback. Prisma Cloud stands out for its top-notch and reliable customer service, known for its expertise and responsiveness. AWS WAF is commended for its friendly and proactive support, providing timely assistance to users.

The summary above is based on 142 interviews we conducted recently with Prisma Cloud by Palo Alto Networks and AWS WAF users. To access the review's full transcripts, download our report.

To learn more, read our detailed AWS WAF vs. Prisma Cloud by Palo Alto Networks Report (Updated: March 2024).
Download the complete report
771,157 professionals have used our research since 2012.
Featured Review
Kolawole-Olowoporoku
Easy to configure and stable solution
We use it in the production environment. From time to time, we can see the metrics for the generated traffic on both the WAF and the infrastructure... Read more →
Anonymous User
Offers unified monitoring and a complete map of our environment but only the SaaS version includes posture management
Prisma Cloud is a crucial component of our clients' security, particularly for their billing environments. It offers comprehensive security across... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications.""Their technical support has been quite good.""AWS WAF is very easy to use and configure on AWS.""The product’s availability, ease of configuration, and documentation are valuable.""The solution's initial setup process is easy.""The simple configuration and the scalability have been most valuable. We are able to scale across all of our different AWS instances.""The customizable features are good.""I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through."

More AWS WAF Pros →

"In addition to that, I can get a snapshot of what I deemed were the priority vulnerabilities, whether it was identity access management, key rotation, or secrets management. Whatever you deem to be a priority for mitigating threats for your environment, you can get that as a snapshot.""Prisma Cloud's most important feature is its auto-remediation.""I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity.""CSPM is very useful because it gives us good policies and violation alerts.""One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature.""What I found most valuable in Prisma Cloud by Palo Alto Networks is the VAS, such as the web application and API security. I feel that VAS adds a lot of value, mainly because it gives visibility through the application layer and threat detection features.""It supports the multi-cloud environment beautifully.""The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure.""On the UI side, I would like it if they could bring back the geolocation view on the corner.""When users choose the free service, there isn't great support available to them.""We need more support as we go global.""The product could be improved by expanding the weightage units of rules.""For now, there is no feature to protect against attack of the bad bots""For uniformity, AWS has a well-accepted framework. However, it'll be better for us if we could have some more documented guidelines on how the specific business should be structured and the roles that the cloud recommends.""In a future release I would like to see automation. There's no interaction between the applications and that makes it tedious. We have to do the preparation all over again for each of our other applications."

More AWS WAF Cons →

"I think Prisma Cloud could improve its preventive governance policy and CWP run time modules.""The innovation side of the solution could be more efficient and more detailed.""The deployment and onboarding are plug-and-play, but somewhat hard to handle in terms of integration with external operations tools. The product design isn't up to the current standard. I would recommend having higher standards in terms of integration with other tools, especially operationalized tools.""For some custom policies, we need more features.""It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat.""When there are updates, whether daily, weekly, or monthly, it needs configuration or permission adjustments. There is no automation for that, which is too bad.""Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge.""It would be ideal if they could somehow reduce the deployment time."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "It's an annual subscription."
  • "There are no costs in addition to the standard licensing fees."
  • "There are different scale options available for WAF."
  • "AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
  • "It has a variable pricing scheme."
  • "We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
  • "It's quite affordable. It's in the middle."
  • "The pricing should be more affordable, especially as it pertains to small clients."

    • More AWS WAF Pricing and Cost Advice →

  • "The purchasing process was easy and quick. It is a very economical solution."
  • "Our licensing fees are $18,000 USD per year."
  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."

    • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    771,157 professionals have used our research since 2012.
    Questions from the Community
    What are the limitations of AWS WAF vs alternative WAFs?
    Top Answer:Hi Varun I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud WAF… more »
    Read all 2 answers   →
    How does AWS WAF compare to Microsoft Azure Application Gateway?
    Top Answer:Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for… more »
    What do you like most about AWS WAF?
    Top Answer:The most valuable feature of AWS WAF is its highly configurable rules system.
    Read all 40 answers   →
    What is your primary use case for Prisma Cloud by Palo Alto Networks ?
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Read all 7 answers   →
    What Cloud-Native Application Protection Platform do you recommend?
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cloud… more »
    What do you think of Aqua Security vs Prisma Cloud?
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was… more »
    Ranking
    1st
    out of 82 in Web Application Firewall (WAF)
    Views
    17,303
    Comparisons
    13,553
    Reviews
    30
    Average Words per Review
    415
    Rating
    8.4
    5th
    out of 82 in Web Application Firewall (WAF)
    Views
    3,623
    Comparisons
    1,989
    Reviews
    54
    Average Words per Review
    1,122
    Rating
    8.4
    Comparisons
    Also Known As
    AWS Web Application Firewall
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    Amazon Web Services (AWS)
    Palo Alto Networks
    Overview

    AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.

    You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.

    AWS WAF Features

    Some of the solution's top features include:

    • Web traffic filtering: Get an extra layer of security by creating a centralized set of rules, easily deployable across multiple websites. These rules filter out web traffic based on conditions like HTTP headers, URIs, and IP addresses. This is very helpful for protection against exploits such as SQL injection and cross-site scripting as well as attacks from third-party applications.
    • Bot control: Malicious bot traffic can consume excessive resources and cause downtime. Gain visibility and control over bot traffic with a managed rule group. You can easily block harmful bots, such as scrapers and crawlers, and you can allow common bots, like search engines and status monitors.
    • Fraud prevention: Effectively defend your application against bot attacks by monitoring your application’s login page with a managed rule group that prevents hackers from accessing user accounts using compromised credentials. The managed rule group helps protect against credential stuffing attacks, brute-force login attempts, and other harmful login activities.
    • API for AWS WAF Management: Automatically create and maintain rules and integrate them into your development process.
    • Metrics for real-time visibility: Receive real-time metrics and captures of raw requests with details about geo-locations, IP addresses, URIs, user agents, and referrers. Integrate seamlessly with Amazon CloudWatch to set up custom alarms when events or attacks occur. These metrics provide valuable data intelligence that can be used to create new rules that significantly improve your application protections.
    • Firewall management: AWS Firewall Manager automatically scans and notifies the security team when there is a policy violation, so they can swiftly take action. When new resources are created, your security team can guarantee that they comply with your organization’s security rules.

    Reviews from Real Users

    AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.

    Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”

    Prisma Cloud by Palo Alto Networks is a cloud security solution used for cloud security posture management, cloud workload protection, container security, and code security. It provides visibility, monitoring, and alerting for security issues in multi-cloud environments. 

    The solution is user-friendly, easy to set up, and integrates with SIEM for generating alerts and reports. Its most valuable features include security features, monitoring capabilities, reporting, compliance monitoring, vulnerability dashboard, data security features, and multi-cloud capabilities. Prisma Cloud has helped organizations by providing comprehensive protection, automating workflows, simplifying troubleshooting, and improving collaboration between SecOps and DevOps.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Sample Customers
    eVitamins, 9Splay, Senao International
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Computer Software Company25%
    Manufacturing Company13%
    Energy/Utilities Company8%
    Financial Services Firm8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company7%
    Comms Service Provider6%
    REVIEWERS
    Computer Software Company33%
    Manufacturing Company18%
    Financial Services Firm18%
    Healthcare Company8%
    VISITORS READING REVIEWS
    Educational Organization14%
    Computer Software Company13%
    Financial Services Firm13%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business37%
    Midsize Enterprise20%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise63%
    REVIEWERS
    Small Business28%
    Midsize Enterprise20%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise22%
    Large Enterprise61%
    Buyer's Guide
    AWS WAF vs. Prisma Cloud by Palo Alto Networks
    March 2024
    Free Report: AWS WAF vs. Prisma Cloud by Palo Alto Networks
    Find out what your peers are saying about AWS WAF vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    771,157 professionals have used our research since 2012.

    AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Prisma Cloud by Palo Alto Networks is ranked 5th in Web Application Firewall (WAF) with 82 reviews. AWS WAF is rated 8.0, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and Akamai App and API Protector, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and SUSE NeuVector. See our AWS WAF vs. Prisma Cloud by Palo Alto Networks report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.